We are seeing a significant increase in phishing attacks targeting Arkansas Tech University and its students, faculty, and staff. It has come to our attention that cybercriminals are employing increasingly sophisticated methods to deceive individuals and gain unauthorized access to sensitive information.
Phishing attacks involve the use of deceptive emails, text messages, or websites to trick unsuspecting individuals into revealing confidential data, such as login credentials, financial details, or personal information. These cybercriminals often masquerade as reputable entities or individuals, making it difficult to differentiate their fraudulent communications from legitimate ones.
To safeguard Arkansas Tech’s security and protect your personal information, it is crucial that you remain vigilant and follow these essential guidelines:
- Be cautious with email attachments and links: Exercise extreme caution when opening attachments or clicking on links in emails, especially if they are unexpected, unfamiliar, or suspicious. Hover your cursor over links to verify their destination before clicking on them. If the email seems too good to be true it probably is. Verify before proceeding.
- Verify the sender’s credibility: Pay close attention to the email sender’s address and ensure it matches the known email addresses of trusted contacts. However, keep in mind that sophisticated attackers can spoof email addresses, so be cautious even if the sender appears legitimate.
- External Senders Warning: Any email sent from an outside source will have a warning at the top of the email. If you see this warning be extra careful. Use this warning as a method to determine if an email is legitimate.
- Compromised account: Compromised accounts are used to lure you into believing that the email is legitimate. Be vigilant when clicking on links or giving out information. Contact that user to make sure they sent that email. They may be unaware that this is happening.
- Scrutinize email content: Look for red flags such as poor grammar, misspellings, unusual requests, or urgent demands for personal or financial information. Legitimate organizations typically do not request sensitive data via email.
- Avoid providing sensitive information: Never share sensitive personal or financial information through email or on unfamiliar websites. Legitimate organizations will have secure methods for collecting such data.
- Never give out your username or password: Never give your username or password to a third party. Be wary of using your username or password in a website that you access when clicking on a link in an email. These are often fake websites that are set up to get your login information.
- Never give out your Duo code: Never provide your Duo two factor authentication code to anyone. Never blindly approve a login request in Duo. You may be giving access to a cybercriminal.
- Keep software and security systems up to date: Regularly update your computers operating system, web browsers, and security software to ensure you have the latest protection against potential vulnerabilities.
- Report suspicious activity: If you encounter a suspicious email, website, or any potential security breach, report it to Campus Support immediately. It is better to wait and verify the authenticity of an email before clicking on any links.
Remember, your vigilance and adherence to these guidelines are crucial in maintaining the security of Arkansas Tech’s data and protecting all faculty, staff, and students from phishing attacks.
If you have any questions or concerns regarding this matter, please do not hesitate to reach out to Campus Support by phone at 479-968-0646, or by email at campussupport@atu.edu or the security department at security@atu.edu. Together, we can combat these cyber threats and maintain a secure environment for all.